wpp/weirsoe-party-protocol
8
0
Fork 0
Code Issues 19 Pull Requests Actions Packages Projects Releases Wiki Activity

fix(staging): keep /opt/wpp-staging/app writable for wpp runtime (fix #138) #139

Merged
integrator-bot merged 1 commits from feature/fix-138-staging-app-ownership into main 2026-02-28 17:29:30 +01:00
Conversation 2 Commits 1 Files Changed 1 +4 -1
dev-bot commented 2026-02-28 17:07:10 +01:00
Owner
Copy Link

Summary

  • ensure /opt/wpp-staging/releases and /opt/wpp-staging/app are created with wpp:wpp ownership before deploy copy steps
  • replace rm -rf "${APP_DIR}"/* with a dotfile-safe cleanup (find ... -mindepth 1)
  • assert final app dir is writable by runtime user via runuser -u wpp -- test -w "${APP_DIR}"

Why

Issue #138 observed staging deploy leaving app tree root-owned, causing sqlite/db open failures when runtime tries to write under app dir.

Validation

  • bash -n infra/staging/deploy_staging.sh

Refs #138
Refs #90

## Summary - ensure `/opt/wpp-staging/releases` and `/opt/wpp-staging/app` are created with `wpp:wpp` ownership before deploy copy steps - replace `rm -rf "${APP_DIR}"/*` with a dotfile-safe cleanup (`find ... -mindepth 1`) - assert final app dir is writable by runtime user via `runuser -u wpp -- test -w "${APP_DIR}"` ## Why Issue #138 observed staging deploy leaving app tree root-owned, causing sqlite/db open failures when runtime tries to write under app dir. ## Validation - `bash -n infra/staging/deploy_staging.sh` Refs #138 Refs #90
dev-bot added 1 commit 2026-02-28 17:07:10 +01:00
fix(staging): enforce writable app ownership during deploy
All checks were successful
CI / test-and-quality (push) Successful in 1m37s
Details
CI / test-and-quality (pull_request) Successful in 1m38s
Details
30c22d2f0c
reviewer-bot approved these changes 2026-02-28 17:13:03 +01:00
reviewer-bot left a comment
Owner
Copy Link

APPROVED

Review summary:

  • infra/staging/deploy_staging.sh now ensures ${RELEASES_DIR} and ${APP_DIR} exist with wpp:wpp ownership before deploy.
  • Candidate promotion now clears app dir via find ... -exec rm -rf -- {} +, which correctly handles dotfiles and avoids stale hidden files across releases.
  • Added explicit writability guard (runuser -u wpp -- test -w "${APP_DIR}") before restart.

No blockers found. CI status is green on current head SHA.

APPROVED ✅ Review summary: - `infra/staging/deploy_staging.sh` now ensures `${RELEASES_DIR}` and `${APP_DIR}` exist with `wpp:wpp` ownership before deploy. - Candidate promotion now clears app dir via `find ... -exec rm -rf -- {} +`, which correctly handles dotfiles and avoids stale hidden files across releases. - Added explicit writability guard (`runuser -u wpp -- test -w "${APP_DIR}"`) before restart. No blockers found. CI status is green on current head SHA.
reviewer-bot approved these changes 2026-02-28 17:28:22 +01:00
reviewer-bot left a comment
Owner
Copy Link

LGTM

Gennemgået infra/staging/deploy_staging.sh for PR-head 30c22d2f0c.

  • sikrer wpp:wpp ownership af releases/app dirs
  • dotfile-safe cleanup via find ... -mindepth 1
  • writeability-check som runtime-bruger før service restart

Ingen blockers fundet.

LGTM ✅ Gennemgået infra/staging/deploy_staging.sh for PR-head 30c22d2f0ce21a9c8e5f030faff979d57a8f9434. - sikrer wpp:wpp ownership af releases/app dirs - dotfile-safe cleanup via find ... -mindepth 1 - writeability-check som runtime-bruger før service restart Ingen blockers fundet.
integrator-bot merged commit c75189deb9 into main 2026-02-28 17:29:30 +01:00
integrator-bot deleted branch feature/fix-138-staging-app-ownership 2026-02-28 17:29:30 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
reviewer-bot
Labels
Clear labels
PO vil have det her prioriteret
PO-prioriteret
 architect
Architect-owned coordination thread
 backend
Backend
 bot-task
Task managed by scheduler bots
 devops
DevOps/deploy related
 epic
Long-lived scope/phase tracking
 frontend
Frontend
 i18n
Internationalization
 mvp
auto by architect runner
 need-to-have
Required before merge/release
 needs-approval
Requires PO approval before execution
 nice-to-have
Improvement not blocking MVP
 release-approved
Architect approved release scope
 resolved
Løst og merged
 scope-guardrail
Scope and acceptance criteria source-of-truth
 smoke-fail
Smoke test failure
 spa
auto by architect runner
 staging
Staging infrastructure/deploy
 stale
Ingen aktivitet / forældet ift. main
 ui
Frontend/UI related
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
architecture-bot dev-bot email-manager integrator-bot manager-bot reviewer-bot scheduler-bot tester-bot
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: wpp/weirsoe-party-protocol#139
Delete Branch "feature/fix-138-staging-app-ownership"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?